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Gifford and others proposed an effect typing discipline to delimit the scope of computational 
effects within a program, while Moggi and others proposed monads for much the same purpose. 
Here we marry effects to monads, uniting two previously separate lines of research. In particular, 
we show that the type, region, and effect system of Talpin and Jouvelot carries over directly to 
an analogous system for monads, including a type and effect reconstruction algorithm. The same 
technique should allow one to transpose any effect system into a corresponding monad system. 
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1. INTRODUCTION 

Computational effects, such as state or continuations, are powerful medicine. If 
taken as directed they may cure a nasty bug. but one must be wary of the side 
effects. 

For this reason, many researchers in computing seek to exploit the benefits of 
computational effects while delimiting their scope. Two such lines of research are 
the effect typing discipline, proposed by Gifford and Lucassen [GL86: Luc87], and 
pursued by Talpin and Jouvelot [TJ92; TJ94; Tal93] among others, and the use 
of monads, proposed by Moggi [Mog89: Mog91], and pursued by Wadler [Wad90: 
Wad92; Wad93; Wad95] among others. Effect systems are typically found in strict 
languages, such as FX [GJLS87] (a variant of Lisp), while monads are typically 
found in lazy languages, such as Haskell [Has98]. 
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In his pursuit of monads, Wadler wrote the following: 

. . . the use of monads is similar to the use of effect systems .... An 
intriguing question is whether a similar form of type inference could 
apply to a language based on monads. [Wad92] 

Half a decade later, we can answer that question in the affirmative. Goodness 
knows why it took so long, because the correspondence between effects and monads 
turns out to be surprisingly close. 

The marriage of effects and monads. Recall that a monad language introduces 
a type T r to represent a computation that yields a value of type t and may have 
side effects. If the call-by-value translation of t is t\ then we have that (r — > t')\ 
where — > represents a function that may have side effects, is equal to — > Tt'', 
where — > represents a pure function with no side effects. 

Recall also that an effect system labels each function with its possible effects, so 
a function type is now written r A r', indicating a function that may have effects 
delimited by a. 

The innovation of this paper is to marry effects to monads, writing 1" r for a 
computation that yields a value in r and may have effects delimited by a. Now we 
have that (r -4 r')t is r+ -» 1" r't. 

The monad translation offers insight into the structure of the original effect sys- 
tem. In the original system, variables and lambda abstractions are labelled with 
the empty effect, and applications are labeled with the union of three effects (the 
effects of evaluating the function, the argument, and the function body). In the 
monad system, effects appear in just two places: the 'unit' of the monad, which 
is labeled with the empty effect, and the 'bind' of the monad, which is labeled 
with the union of two effects. The translation of variables and lambda abstractions 
introduces 'unit', hence they are labeled with an empty effect; and the translation 
of application introduces two occurrences of 'bind', hence it is labeled with a union 
of three effects (each U symbol in a U a' U a" coming from one 'bind'). 

Transposing effects to monads. Numerous effect systems have been proposed, 
carrying more or less type information, and dealing with differing computational 
effects such as state, continuations, or communication [GL86; Luc87; JG89; TJ92; 
TJ94; Tal93; NNA97]. Tofte and others propose a system for analysing memory 
allocation based on effects [TT94; TB98]. Java contains a simple effect system, 
without effect variables, where each method is labeled with the exceptions it might 
raise [GJS96]. 

For concreteness, this paper works with a type, region, and effect system based 
on proposals by Talpin and Jouvelot [TJ92; Tal93; TJ94], where effects indicate 
which regions of store are initialised, read, or written. Talpin and Jouvelot's results 
transpose in a straightforward way to a monad formulation. It seems clear that 
other effect systems can be transposed to monads in a similar way. 

Applications. In Glasgow Haskell, the monad ST is used to represent computa- 
tional effects on state [PW93; LP94]. All effects on state are lumped into a single 
monad. There is no way to distinguish an operation that reads the store from one 
that writes the store, or to distinguish operations that write two distinct regions of 
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the store (and hence cannot interfere with each other). The type, region, and effect 
system of Talpin and Jouvelot addresses precisely this problem, and the monad- 
based system described here could be applied directly to augment any particular 
instance of the ST monad with effects. 

In fact, the letregion construct [TT94; TB98] (which was originally named 
private [LG88]) corresponds closely to the runST operator in Glasgow Haskell, 
where the index type plays the role of a region. For the one-region case, this 
connection has been formalized and proved correct for a simple call-by-value lan- 
guage with runST [SS99]. An alternative approach to monadic encapsulation uses 
a constant run with an interesting higher-order type [MP99]. In that approach, 
the monadic code is abstracted over the monadic operations, which are provided 
through the run constant. 

Similarly, in Haskell the monad 10 is used to represent all computational effects 
that perform input/output [PW93; PH97]. Dialects of Haskell extend this to call 
procedures written in other languages [PW93; FLMP99], deal with concurrency 
[PGF96], or handle exceptions [PRH+99]. Again, all effects are lumped into a 
single monad, and again a variant of the system described here could be used to 
augment the 10 monad with effects. 

Monads labeled with effects can also be applied to optimizing strict languages 
such as Standard ML. Whereas Haskell requires the user to explicitly introduce 
monads, Standard ML can be regarded as implicitly introducing a monad every- 
where, via Moggi's translation from call-by-value lambda calculus into a monadic 
metalanguage. The implicit monad of Standard ML incorporates all side effects, 
including operations on references and input-output, much like a combination of 
Haskell's ST and 10 monads. As before, labeling the monad with effects can be 
used to delimit the scope of effects. In particular, where the monad is labeled with 
the empty effect, the corresponding expression is pure and additional optimizations 
may be applied. Or when the monad reads but does not write the store, certain 
operations may be commuted. This technique has been applied to intermediate lan- 
guages for Standard ML compilers by Tolmach [Tol98] and by Benton, Kennedy, 
and Russel [BKR98]. Our work can be regarded as complementary to theirs: we 
provide the theory and they provide the practice. 

Summary of results. Talpin and Jouvelot present (i) a type system with effects, 

(ii) a semantics, with a proof that types and effects are consistent with the semantics 

(iii) a type and effect reconstruction algorithm, with a proof that it is sound and 
complete. We review each of these results, following it by the corresponding result 
for the monad system. We also recall the call-by-value translation from lambda 
calculus into a monad language, and show that this translation preserves (i) types, 
(ii) semantics, and (iii) the principal types derived by the reconstruction algorithms. 

By and large, we stick to the notation and formulation of Talpin and Jouvelot 
[TJ92; Tal93; TJ94]. However, we differ in a few particulars. 

Talpin and Jouvelot [T .192] use a simplified treatment of the polymorphic binding 
let x = v in e. While their type inference algorithm makes use of type schemes, 
their correctness proof elides them by assuming that let x = v in e is expanded to 
e[x := v\. In contrast, here we use standard type schemes throughout. 

In subsequent work [TJ94; Tal93], Talpin and Jouvelot also adopt type schemes 

ACM Transactions on Computational Logic, Vol. TBD, No. TBD, TBD 20TBD. 



4 • P. Wadler and P. Thiemann 

throughout. However, they go beyond the present framework in admitting non- 
values to have polymorphic types. To achieve this goal, they refine effects to also 
include the type of the effected reference and have the generalization step only 
abstract those variables that are neither mentioned in the type environment nor in 
the current effect. In addition, their calculus includes implicit effect masking in the 
style of letregion. 

Also, Talpin and Jouvelot follow the classic work of Tofte [Tof87], using an 
evaluation-style operational semantics ('big step'). In contrast, we follow the ap- 
proach of Wright and Felleisen [WF94] and use an operational semantics based on 
reduction ('small step'). As noted by Wright and Felleisen, this leads to a sim- 
pler proof: instead of a complex relation between values and types (specified as 
a greatest fixpoint), we can use the existing type relation (specified by structural 
induction). 

The monad translation we use is standard. It was introduced by Moggi [Mog89; 
Mog91], and has been further studied by Hatcliff and Danvy [HD94] and Sabry 
and Wadler [SW97]. Our reduction semantics for the monad is new. It most 
closely resembles the work of Hatcliff and Danvy, but they did not deal with state 
and therefore did not have to distinguish between pure reductions and those with 
computational effects, as we do here. 

This paper is a revised version of [Wad98]. Changes include the use of type 
schemes (as in [TJ94; Tal93]); the use of an optimized monad translation (which 
greatly simplifies the proof that the translation preserves the semantics): the in- 
troduction of evaluation contexts in the operational semantics (which follows more 
closely the development of Wright and Felleisen); and the correction of a some 
errors in the original (for instance, rule (getO) should not have been included in 
Monad) . 

The results are all obtained by straightforward application of well-known tech- 
niques. We do give some proofs to illustrate minor unexpected technical subtleties. 
However, in general results for effect systems transpose to monads without much 
effort. 

Value polymorphism. Some care is required when mixing computational effects 
with polymorphic types, lest soundness be forfeit. One approach, due to Tofte 
[Tof87] and used in the original SML [MTH90], introduces 'imperative' type vari- 
ables in the presence of computational effects. Numerous other approaches have 
been suggested, including some based on effects [Wri92; TJ94]. However, by far 
the simplest is value polymorphism. This approach was noted by Tofte [Tof87], 
promoted by Leroy [Ler93] and Wright [Wri95], and used in the revised SML 
[MTHM97] . It restricts polymorphism to values, a subclass of expressions that 
can have no computational effects. Talpin and Jouvelot [TJ92] used value poly- 
morphism, and we do so here. 

There is a potential problem. Moggi's original monad translation was monomor- 
phic. How should it be extended to polymorphism? Several years ago Eugenio 
Moggi, John Hughes, and Philip Wadler held a discussion where they attempted 
to add polymorphism to the translation and failed. However, they did not consider 
value polymorphism, which was less popular back then. 

In this paper, we extend the monad translation to include value polymorphism. 
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The extension is presented for the monad system with effects, but applies equally 
well when effects are absent. In retrospect, the extension seems obvious, since the 
monad translation handles values specially. Indeed, similar uses of value polymor- 
phism have been proposed by Harper and Lillibridge [HL93] (for CPS with call/cc) 
and by Barthe, Hatcliff, and Thiemann [BHT98] (for a configurable monadic met- 
alanguage in the style of Pure Type Systems) . 

One might say that value polymorphism fits monads to a 'T'. 

Outline. The remainder of this paper is organised as follows. Section 2 introduces 
the effect type system and the corresponding type system for monads, it introduces 
the monad translation and shows that it preserves types. Section 3 presents an 
operational semantics for effects and a corresponding semantics for monads, shows 
each semantics sound with respect to types, and shows that the monad translation 
preserves semantics. Section 4 presents a type, region, and effect reconstruction 
algorithm for effects and a corresponding algorithm for monad, shows each algo- 
rithm is sound and complete, and shows that the monad translation relates the two 
algorithms. Section 5 concludes. 

2. TYPES 

This section introduces two languages and their type systems, and the translation 
between them. The first language, Effect, is a call-by-value lambda calculus with 
operations on a store. Its type system includes regions and effects. The second 
language, Monad, is based on Moggi's monadic metalanguage extended with the 
same store operations, and with a type system augmented by the same regions and 
effects. We extend the usual monad translation to include effects, and show that it 
preserves typings. 

2.1 Types for Effect 

The language Effect and its type system is shown in Figure 1. There are three 
syntactic classes, values, non-values, and expressions. A value is either an identifier, 
a lambda abstraction, or a recursive function binding. A non-value is either an 
application, a polymorphic let binding for values, a monomorphic ilet binding 
for expressions with imperative effects, or one of three primitive operations on the 
store, which allocate a new reference, get the value of a reference, or set a reference 
to a new value. An expression is either a value or a non-value. 

A region is either a region variable or a region constant. An effect is either an 
effect variable, the empty effect, the union of two effects, or one of three effects 
corresponding to the three operations on the store, each of which is labelled with 
the region of store affected. Equality on effects is modulo the assumption that U is 
associative, commutative, idempotent, and has 0 as a unit. We write a □ er' when 
a = ffUff'. 

A type is either a type variable, a function type (labelled with the effect that 
occurs when the function is applied), or a reference type (labelled with the region 
in which the reference is located). A type scheme f has the form Va,7,^.T where 
a, 7, s are (possibly empty) sequences of type, region, and effect variables. 

A type environment E maps identifiers to type schemes. We write E x for the 
environment with x removed from its domain, {x h-> f } for the environment that 
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x G Id 
v G Val 
n G NonVal 
e G Rep 



n 



x | Az. e | rec x. \x' . e 

- e e' ilet a; = e in e' | let x = v in e | new e | get e | set e e' 



e ::= w n 



r G RegConst 
7 G RegVar 

p G Region p ::= 7 | r 
? G SifFar 

ct G -Bffeci cr ::= ^ I 0 I cr U cr' I init(p) | read(p) | write(p) 

a G TyVar 
t G Type 



r ::= a I r A r' ref „ t 



f G TyScheme f ::= Vcv, 7, <^.t 
£ G TyEnv = Id — > TyScheme 
0 G Sw&si 



(TyVar-)- T?/pe) x (RegVar ^ Region) x (EffVar -» Effect) 



(var} 



t y t 



£ X U {x t-t T}\- eS x :t\ 



(does) 



£ h e ff e : t ! o" cr' □ cr 
£ h eff e : r ! er' 



(abs) 



£ x U {a; h-> r} h e ff e : t' ! cr 
£ r- eff Aa:. e : t 4 r' ! 0 

£ h eff u : r ! 0 



(app) 



£ h e ff e : r — > r' ! a £ h e ff e' : t ! cr' 



{let)- 



£ heff e e' : r' ! cr U cr' U cr" 
£3 U {a; i-> gen(£, r)} h e g e : t' ! cr 



£ h e ff let x = v in e : r' ! a 



, . £ h e ff e : r ! cr £z U {a: i-» r} h eff e' : r' ! cr' 
£ h e ff ilet a; = e in e' : r' ! cr U cr' 

^ ^ U {a: i-> r A t'. a:' i-> r} h eff e : t' ! cr 
£ h e ff rec x. Ax' . e : r — > r' ! 0 

, . £ heff e : t ! cr 

( newj-pr-, : i — — — : — r^T 

t h e ff newe : ref p r ! cr U init(p) 



(get} 



£ h e ff e : ref p t ! cr 
£ h e ff get e : r ! cr U read(p) 



£ h e ff e : ref p r ! cr £ h e ff e' : r ! cr' 
£ h e ff set ee' : t ! a U cr' U write(p) 



Fig. 1. The effect calculus, Effect 
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e € MonExp e ::= x \ Ax. e | rec x. e | e e' | let i = e in e' 

| <e> | let x e in e' new e | get e | set e e' 

t e MonType r ::= a \ r -> r' | T* 7 r ref p r 

f € MonTyScheme f ::= \/q,,j,^.t 

£ £ MonTyEnv = Id — » MonTyScheme 

6 £ Safes* = (TyVar -» MonType) x (RegVar -> Region) x (EffVar -» £^eci) 

f >- t . £ r- mon e : T CT r cr' □ tr 

( wr ) f rTTTTTTTT TT^ (rfoes)- 



fa: U {x h-> f } r- mon a; : t £ h mon e : T' 7 r 

/ t \ £e U {x I— > 7"} r" m on G : T . * 



£ I - mon Ax. 6 . T 7 s T £ I - mon G 6 . T 

/, A _gJ-monejT U {a: i-> gen(£,r)} 

1 mon c • ' 

£ r- mon let i = e in e' : t' 

, g Uon e : r £ r- mon e : V r ^U{xh>t} r- mon e' : T CT ' r' 

(unit)—r- t -» — (bind) — 1 — — , — ; 

v ' £ h mon <e> : T r v ; £ r- mon let x <S= e in e' : T ffU,T r' 

/ \ £c U {a; I— > t} r~ mon e : t , . £ l~mon 6 : t 

('"eel ?tt {new)—r, -i-n-i-w i 

v ' £ r- mon recx.e : r v ! £ \- mon newe : T lnlt ^ ref„ r 



I - mon ^ • ref p T £ I - mon ^ • ^" £ I - mon ^ 

£h mon gete:T read WT ^ £ h mon set e e' : T wrlte ^ r 



Fig. 2. The monad language. Monad 



maps identifier a; to type scheme t, £ U £' for the union of two maps with disjoint 
domains, and £ D £' when the first map contains the second. Similar notation will 
be used later for substitutions and stores. 

We write free(r), free(f ) and free(£) for the set of free type, region, and effect 
variables in a type, type scheme, or type environment. We write e[x := v] for the 
capture-avoiding substitution of value v for variable x in expression e, and we write 
free(e) for the free identifiers of an expression. 

We define generic instances and generalization in the usual way. A substitution 
9 maps type variables to types, region variables to regions, and effect variables to 
effects. We say that type scheme f ' is a generic instance of the type scheme f, 
written f y f, if f = \/q,,j,^.t and f = Va', 7', f'.r' and there is a substitution 
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9 such that r' = 9t, where the domain of 9 is restricted to the free variables of r 
(that is, dom(#) = {a./y,^}) and the bound variables of f' are not free in f (that 
is, {a',7',C'} n free(f) = 0). We say that type scheme f is the generalization of 
type t with respect to environment £, written f = gen(£, t), if f = Va, 7, <T.t where 
{a, 7, <f} = free(r) \ free(£) . 

A typing £ \- e g e : r ! <r indicates that expression e yields a value of type r and 
has effect delimited by a, where the type environment £ maps the free identifiers 
of e to types. 

In the rule for abstraction, (abs), the effect is empty because evaluation imme- 
diately returns the function, with no side effects. The effect on the function arrow 
is the same as the effect for the function body, because applying the function will 
have the same side effects as evaluating the body. In the rule for application, (app), 
the effect is the union of the effects for evaluating the function, evaluating the 
argument, and applying the function. 

Each let binding construct comes with its own typing rule. Rule (let) handles 
polymorphic let binding of values, and rule (ilet) handles monomorphic ilet bind- 
ing of expressions with imperative effects. Rules (let) and (var) use type schemes 
in the usual way. 

Rule (does) permits a form of subeffecting. Effects indicate an upper bound on the 
side effects an expression may have, and so may always be made larger. The rules 
for the three primitive operations, (new), (get), and (set), add the corresponding 
effect to the effects for their arguments. The region in the effect matches the region 
in the reference type. 

The following lemmas are standard results for type and effect systems. They 
state that syntactic values have no effects and that substitution of values preserves 
typing. Their proofs are straightforward. 

Lemma 2.1. (Values are pure) If £ \- e g v : r ! a then £ h e ff v : r ! 0. 

Lemma 2.2. (Value substitution) Let £ = £ x U {a; h-> t}. If £ \- e g e :t' \a and 
£ h e ff v : t ! 0 then £ \- e g e[x := v] : r' ! a. 

2.2 Types for Monad 

Whereas Effect is a call-by-value language, with side effects occuring when any 
expression is evaluated, Monadis a call-by-name language, with side effects occuring 
only at top-level. All computations with side effects are represented by the new 
monad type. 

We use call-by-name for monads to stress the relation to Haskell. Like Plotkin's 
CPS translation, the image of Moggi's monad translation is indifferent: it delivers 
identical results regardless whether the monad language uses call-by- value or call- 
by-name [Plo75; HD94; SW97]. 

The language Monad and its type system is shown in Figure 2. The distinction 
between values and expressions is no longer relevant for polymorphism, since evalu- 
ation has no side effects. However, there are monad values which serve as results of 
a computation in Monad. Expressions are extended with two new forms for manip- 
ulating monads (we describe these shortly). Regions and effects are as before. The 
function type x 4 t' of before is here broken into the pure function type r — > r' , 
and the monad type 1" r, representing a computation that yields a value of type r 
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and has effects delimited by a. 

The monad unit <e> denotes the computation that immediately returns the 
value of e, with no effects. Hence in {unit) the effect is empty. The monad bind 
let x <= e in e' denotes the computation that first performs computation e. binds 
x to the result, and then performs computation e'. Hence in (bind) the effect is the 
union of the effects of its two subcomputations. (The forms <e> and let x <= e in e' 
are written in Haskell as return e and e >>= Xx. e', respectively.) 

Polymorphic binding let x = e in e' is distinct from monad bind. Since expres- 
sions have no side effects, there is no need to restrict polymorphism to values. The 
remaining rules are straightforward adjustments of the previous forms. The three 
primitive operations, since they involve computational effects, have monad types. 

2.3 The translation 

Figure 3 shows the translation from Effect to Monad. It is a typed call-by- value 
monad translation, similar to the standard translation given by Sabry and Wadler 
[SW97]. The translation given here is optimized so as not to introduce certain 
'administrative' redexes. Although this makes the translation more complex, it 
simplifies the proof (to be given in the next section) that the translation preserves 
the semantics. 

We write for the translation of a type, for the translation of a value, e* for 
the translation of an expression, and ft for the translation of a type environment. 

As is well known, the monad translation preserves typing, a property that con- 
tinues hold for our systems with effects. 

Proposition 2.3. (Translation preserves types) 

—If £ r- eff v : t ! 0 then f f r- mon : T f . 
— // f hen- e : t ! a then ft r- mon e* :1"t^. 

The proof is by induction on the structure of type derivations. 

The translation of let works out neatly thanks to value polymorphism. Whereas 
the translation of an expression is in a monad, and so must be bound with the non- 
polymorphic monad bind, the translation of a value is not in a monad, and can 
safely be bound with the polymorphic let. 

The figure also shows the grammar of expressions and types in Monad that are in 
the image of the translation from values, expressions (after closure under reduction), 
and types in Effect. In the image, application always has some translated value for 
function and argument, ordinary let always binds to a translated value, and monad 
unit always contains a translated value. 

3. SEMANTICS 

This section presents operational semantics of the two languages. The reduction 
system for Effect is standard, save for instrumentation to trace operations on the 
store, which is used to demonstrate consistency between semantics and effects. The 
reduction system for Monad appears to be new, even without the instrumentation. 
It resembles that of Hatcliff and Danvy [HD94], but differs in distinguishing two 
sorts of reductions, those that may have side effects and those that do not. For both 
effects and monads, we show that the type and effect system is sound, modifying the 
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a 

(r ^ t>) 
(ref„r) 
(Va,7,?.r) 



T t T <x T 't 
ref p 



(Ax. e)^ 




Ax. e* 






(reci. Ax'. e)t 




reci. Ax', e 


* 












(ne)* 




let x 


n* 


in (x e)* 


(d n)* 




let x <= 


n* 


in (v x)* 


(««')• 




uV* 






(let i = ti in e)* 




let x = 




in e* 


.let x = e in e')* 




let x -£= 


e* 


in e'* 


(newn)* 




let x n* 


in (newx)* 


(newt))* 




newt)' 






(getn)* 




let x <= 


n* 


in (get x)* 


(get?;)* 




get i)t 






(setne)* 




let x <= 


n* 


in (set x e)* 


(settin)* 




let x •<= 


n* 


in (set Ui)' 


(set v v 1 )* 




set i)t i)' 


t 




. T\ , . . . , X n . T n )^ 




xi : r^,. 


• • ; 


x„ : 



i> G TranVal v 
e G TranExp e 



■ x | Ax. e | rec x. Ax', e 
v v' | let x = v in e | <i)> | let x 
| new?) | get i; | settiii' 



f G TranType f :: 



t — > T CT t' I ref„r 



Fig. 3. Translation from Effect to Monad 



results of Wright and Felleisen [WF94] to take effects and monads into account. We 
also show that the translation preserves semantics, in that it preserves instrumented 
reduction. 

3.1 Semantics for Effect 

The operational semantics for Effect is shown in Figure 4. Locations I are a desig- 
nated subset of the variables. By convention, a location is never used as the bound 
variable in a lambda or let expression. A store s maps locations to values. A trace 
/ is the semantic equivalent of an effect, where regions are replaced by locations. 
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I £ Location C Id 

s G Store = Location — > Value 

f £ Trace f ::= 0 | / U /' | init(Z) | read(/) | write(Z) 

EvaluationContext E ::= [] | E e \ v E | ilet x = E in e 

new_E | get_E | seti?e | settiE 



(6eia) s,(Aa;.e)i> — > e g s,e[x:=v] 

(rec) s, (rec x. Xx 1 . e)v -^-> e ff s, (Xx 1 . e[x := rec x. Xx 1 . e])v 

(letv) s, let i = « in e — — *- e ff s, := i>] 

(let) s, ilet a: = v in e -^-> e ff s,e[x:=i;] 

(new) s.newti — ^ e ff sU{(n»},l fresh I $ dom(s) 

, . ,, - read(Z) ,, , 

(get) si U {< h-> uj, get Z — >■ e ff U {« h-» uj, u 

, . n -. i / write(j) ,, ... , 

(set) Sj U {< h-> w). set < ir — >• e ff s/U{<H-w).w 

. s.e -?-t e f[ s',e' , . s.e -A e ff s',e' 

(context) ^ (srepj j- 



s, £[e] — >- eff s', £[e'] s, e — » e ff s', e' 

(re/0 g (iron) — 

"effS,e Sj6 ^4 eff s »y< 

Fig. 4. Semantics for Effect 



If / dom(s), we write sU{Ih)»} for the store that maps location I to value v 
and otherwise behaves like s. We let s/ range over stores that do not bind I, that 
is, I $ dom(s;). 

An evaluation state is a pair s.e where all free variables of e are locations in 
s (free(e) C dom(s)) and the same holds for all stored values (V/ £ dom(s), 

free(s(Z)) C dom(s)). A single reduction step is written s,e — > e g s',e', where 
s, e is the state before the step, / is a trace of the effect of the step, and s', e' is the 
state after the step. 

Rule (beta) specifies function application; the language Effect is call-by-value as 
the argument must be a value for the rule to apply. The rule leaves the store 
unchanged and is labeled with an empty effect. Rules (rec) and (let) are similar. 
Rules (new), (get), and (set) perform actions on the store and have corresponding 
effects. Rule (context) forms the contextual closure of reduction with respect to 
evaluation contexts. An evaluation context E is an expression with a hole in place of 
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I £ Location C Id 

s £ Store = Location — > MonExp 



Monad context M 
Operator context O : 



:= [] | let x <= M in e 
get[] | set[]e 





Pure context 


P::=[ 


] | Pe 


(beta) 


(Aa;. e')e 


^mon 


e'[x := e] 


(rec) 


recx. e 


^"rnon 


e[x := rec x. e] 


(let) 


let x = e in e' 


^mon 


e'[x := e] 


(bind) 


a, let a; <^= <e> in e' 


0 

'mon 


a, e'[x := e] 


(new) 


s, newe 


init(/) 

^ mon 


sU{!4e},<!> fresh 


(get) 


s; U {/ h-> e},getZ 


read(i) 

^ mon 


s; U {/ h-> e}, <e> 


(set) 


s/ U {/ h-> e}. set I e' 


write(/) 

^ mon 


s/ U {/ h-> e'}, <e'> 



s e -A s' e 
(monad) - . 111011 — - (operator) 



a, M[e] -A mon a', M[e'] ' a, 0[e] — > mon a, 0[e'] 

P[e] -^ mon W\ 



I ^ f v / / 

(pure) pr ^ 1 dCTT (seep) j 

S, 6 ^mon ^ j ^ 



(reft) 1 (tran) 



S. 6 ^mon S , 6 S , 6 ^mon S ■> & 



s - f — *- e a,e 7 {>,„„„ a",e" 



Fig. 5. Semantics for Monad 



the next sub-expression to be evaluated. Defining E ::= [] \ E e \ v E \ . . . specifies 
the order of evaluation, since the function in an application must be reduced to a 
value before the argument is elegible for reduction. The handling of the operations 

on the store is similar. Finally, rules (step), (refl). and (tran) specify — » er v as the 

/ 

reflexive and transitive closure of — > e g. 

There are additional judgements to relate stores to type environments, and traces 
to effects. Write £ \- e g a if dom(s) = dom(£) and, for each I € dom(s), if £ (I) = 
ref p r then £ h eff s(l) : r ! 0. Write £ |= eff / ! a if 

for each init(Z) in / we have £(l) = ref p T and init(p) C er, 
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for each read(Z) in / we have £(l) = ref p r and read(p) C a. 
for each write(Z) in / we have £{V) = ref p r and write(/3) C a. 

Write £ h e ff s, e : r ! a if s, e is an evaluation state and £ \- e g s and £ \- e g e : r ! a. 
Reduction preserves types and is consistent with effects. 

Proposition 3.1. (Subject reduction) 

If £ l~eff s,e : t ! a and s,e — > e s s',e' then there exists some £' D £ such that 
£' h e ff s', e' : t ! a and £' |= e ff / ! a . 

f 

The proof is by case analysis on the definition of s, e — » e ff s',e'. 
The form of a value is determined by its type. 

Lemma 3.2. (Canonical forms) 
Let s,v be an evaluation state and £ \- e g s,v : t ! 0. 

( 1 ) If ' t = t' t" then v is either Xx. e or rec x. Xx 1 . e. 

(2) If t = refp t then v is a location I € dom(s). 

The proof is by case analysis on r. 

A well-typed evaluation state is never stuck. 

Proposition 3.3. (Progress) 
Suppose £ r- e ff s,e : r ! a. Either e is a value or there exists s',e' and f such that 

f it 

s,e — > e s s ,e . 

The proof is by induction on the derivation of £ \- e g s,e : t\<j. The complete proof 
is given in Appendix A.l. 

Write s, e fffff if there is an infinite reduction 

s,e > e ff Si, ex — > e ff S2,e 2 — ^ e ff • • • 

with / = U /«• Then we have the following. 

Proposition 3.4. (Type soundness) 
If £ h e ff s, e : t ! a then there exists £' D £ so that either 

— s, e frf ff and £' \= eS f\a, or 

— s, e — »- e ff s' , v and £' h e ff s' ,v : r ! 0 and £' |= e ff / ! a. 

Type soundness is an immediate corrollary of progress. 

It is interesting to consider which expressions would give problems during eval- 
uation. An evaluation state s,e is stuck if e is not a value and there is no f,s',e' 
f 

such that s, e — > e ff s' , e' . A simple case analysis shows that a state is stuck if and 
only if it has one of the following forms: 

e = E[vv'], where v is a location, 

e = E[getv], where v is not a location or v dom(s), or 
e = E[setvv'], where v is not a location or v ^ dom(s). 

Stuck expressions are not typable. 
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3.2 Semantics for Monad 

Figure 5 shows the operational semantics for Monad. Locations and traces are as 
before, but a store now maps locations to expressions. There are two notions of 
reduction. 

Pure reductions do not access the store and have no effect. They are written 
e — > m0 n e'. Rule (beta) specifies function application; the language Monad is call- 
by-name as the argument need not be a value for the rule to apply. The rule is 
pure and makes no reference to the store. Rules (rec) and (let) are similar. 

Monadic reductions perform sequencing and execute the operations on the store. 

They may have an effect and are written s,e — > m0 n s,e'. Rule (bind) simplifies a 
monadic bind of a monadic unit; it leaves the store unchanged and is labeled with 
an empty effect. (But it is not a pure operation: this prevents reduction of ill-typed 
expressions such as (let x <= <(Xy. y)> in x)z, where the monadic expression is not 
at top-level.) Rules (new), (get), and (set) perform actions on the store and have 
corresponding effects. 

There are three sorts of contexts, monad contexts M, operator contexts O, and 
pure contexts P, and three corresponding context rules. Rule (monad) forms 
the contextual closure of monadic reductions over monadic reductions through a 
monad context M; rule (operator) forms the contextual closure of monadic re- 
ductions over pure reductions through an operator context O; and rule (pure) 
forms the contextual closure of pure reductions over pure reductions through a 
pure context P. (These rules permit reduction of sensible expressions such as 
(Ay. let x <^= <y> in x)z, where an application yields a monadic expression at top- 
level.) Since the monad language is call-by-name, pure contexts do not reduce the 
argument of a function. Since expressions, not values, are placed in the store, op- 
erator contexts neither reduce the argument of new nor the second argument of 
set. 

As before, rules (step), (refl), and (tran) specify — » mon as the reflexive and 

transitive closure of — > mon . The relations £ h mon s, £ h mon s,e : r, and £ |= mon 
/ ! a are defined, mutatis mutandis, as for Effect. 

As before, reduction preserves types and is consistent with effects. 

Proposition 3.5. (Subject reduction) 

— If £ l~mon e : r and e — > mon e' then £ h mon e' : tau. 

— If £ h mon s,e -.I" t and s, e — > m0 n s' , e' then there exists some £' D £ such that 
£' ^mon s 1 ,e' :1 a t and £' |= mon f\a. 

The proof is by induction on the definitions of e — > mon e' and s, e — > mon s' , e' . 
We define values for the calculus Monad as follows. 

v e MonVal v ::= I \ Xx. e \ <e>. 

As before, the form of a value is determined by its type. 

Lemma 3.6. (Canonical forms) Let s,v be an evaluation state and £ h mon s,v : 

T. 

(1) If t = t' -> t" then v = Xx. e. 
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(2) Ifr = T V then v = <e>. 

(3) If t = refpT then v = I € Location and I € dom(s). 

The proof is by case analysis on r. 

As before, a well-typed evaluation is never stuck. 

Proposition 3.7. (Progress) Suppose that £ r- mon s,e : t. Then either e e 

MonVal or there exist f,s',e' such that s,e — > m0 n s',e'. 

The proof is by induction on the derivation of £ \- e g s, e : r ! a. 
As before, type soundness is an immediate corrollary of progress. 

Proposition 3.8. (Type soundness) If £ r- mon s,e : t then there exists £' D £ 
so that either 

— s > e 1r4on an d £' Nmon / ! O, Or 

— s, e -4 mon s', v and £' r- mon s',v : r and £' |= mon / ! o. 

In both cases, if t = 1" t' then a = a' , otherwise a = 0. 

As before, it is interesting to consider which expressions would give problems 
during evaluation. Now an evaluation state s, e is stuck if one of the following 
conditions holds: 

e = M[0[P[v e]]], where v is not a lambda, 
e = M[let x <= v in e], where v is not a monad unit, 
e = M[getu], where v is not a location or v dom(s), 
e = M[setue], where v is not a location or v $ dom(s). 

Again, stuck expressions are not typable. 
3.3 Translation 

It is well known that the monad translation preserves semantics, and this property 
continues to hold for the instrumented semantics. A key to the correspondence is 
that if a term in Effect is translated to Monad then the resulting term has subterms 
of the form e' e or ilet x = e in e' or <e> only when e is the image of an Effect- 
value, that is, only when e has the form v. 

If s is a store in Effect, then we write for the corresponding store in Monad, 
where s^(l) = (s(l))^ for each I € dom(s). 

Translation commutes with substitution of Effect-values. 

Lemma 3.9. For all e e Exp and v e Val, e*[x := v*] = (e[x := v])* . 

Formally, preservation of semantics corresponds to a simulation result between 
Effect and Monad. The reduction of a term in Effect runs almost in lock-step 
with the reduction of its image in Monad. Sometimes an additional administrative 
reduction is required. For instance, consider a reduction in Effect, 

n V — » e ff v V 

f 

where n* — > m0 n (disregarding the store component for simplicity). The image 
of this reduction in Monad is given by 

(n v 1 )* = let x n* in x v 1 ^ ^-> mon let x <= <v^> in x v'^ — > mon ^ v'^ = (v v')* 
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which requires one extra administrative reduction. Hence, each reduction in Effect 
gives rise to one or two corresponding reductions in Monad. 

Another peculiarity arises in the translation of stuck terms. Given a stuck term 
in Effect, its image in Monad can sometimes perform one reduction step before it 
gets stuck, too. This is a consequence of translating the call-by-value recursion 
operator in Effect to a call-by-name recursion operator in Monad. If the original 
term is stuck because of some rec x. Xx 1 . e, then the translated term must unwind 
the recursion once before it becomes stuck, too. 

Proposition 3.10. (Translation preserves semantics) 
(1) If s,e -^-» e ff s' ,e' then either s\e* -^ mon s'\e'* , or s\ e* -^-> m0 n s't, eo and 



The proofs of 1 and 4 are by induction on the definitions of — > e g , and the proofs of 

2 and 3 are by induction on — » e g . The complete proofs are given in Appendix A. 2. 

As mentioned in the previous section, the proof is considerably simplified by the 
use of an optimizing translation. The non-optimized translation introduces many 
additional administrative redexes, which obscure the correspondence between the 
effect and monad systems. 

Another choice which simplifies the proof is the use of two syntactically distinct 
forms for let, a polymorphic let binding of values and a monomorphic let binding 
of expressions with imperative effects. Without this distinction, it is still possible 
to obtain a simulation result, but at the price of a contrived monad translation. 

Note that the image of the translation does not include all possible stuck ex- 
pressions in Monad. In particular, the P context is always trivial because the 
monad translation moves computations out of the argument positions. The monad 
translation also guarantees that the reduction (bind) never gets stuck. 

4. TYPE RECONSTRUCTION 

This section presents type, region, and effect reconstruction algorithms for the two 
languages. The reconstruction algorithm for Effect, due to Talpin and Jouvelot, 
closely resembles Milner's original type reconstruction algorithm [Mil 78]. Effects 
are handled by accumulating a set of constraints, similar to the handling of subtypes 
in Mitchell's inference algorithm [Mit91]. It is straightforward to transpose the 
reconstruction algorithm from Effect to Monad. Both algorithms are sound and 
complete, and typings yielded by the two algorithms are related by the translation 
between the two languages. 

4.1 Unification 

A substitution maps type variables to types, region variables to regions, and effect 
variables to effects. The substitution id is the identity substitution. Substitutions 
and the unification algorithms for Effect are shown in Figure 6, and the modifica- 
tions for Monad are shown in Figure 7. 
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(2) If s,e -^-» e ff s',e' then s\e* -^-» mon s'\e'* . 
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The marriage of effects and monads • 17 



0 G Subst = ( TyVar -» Type) x (RegVar -» Eegion) x (EffVar -» itffeci) 
W e ff(a, a') = {a H- a'} 

t4ff(o!,T) = if a G free(r) then fail else {a h-> t} 

W eff (T, a) = W e ff(a,r) 

W e ff(ro A n,^ 4 r{) = let 61 = f '} 

6' =U eS {6r Q ,6^) 
6" =U eS (6'9T 1 ,9'9T[) 
in 0"0'0 

U e s(ref^ t, refy r') = let 0 = {7 h-> 7'} 

6' =U eS {6T,6T') 
in 0'0 

W e ff(-,-) = fail 
Fig. 6. Unification of Effect Types 



6 £ Subst = (TyVar -» MonType) x 

W mo „(T e t, T s ' r') 
Fig. 7. Changes to the uni 



(RegVar^ Region) x (EffVar^ Effect) 

= let 6> = W mo „(T 0 ,^) 
6" = U mon {0Ti,6T[) 
in 0'0 

= let 0 = h> f '} 

9' =U mon (9r,6T') 
in 0'0 



ion algorithm for Monad 



k E Constraint = 
ix G EffModel 

AC(0) = id 
□ a} U k) = let = 



p( x Sjfeci) 

£jf Far -» £#eci 

/C(k) in {<? h-» <t U /x((t)} o yu 



Fig. 8. Constraints 
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to g Var = TyVar+ RegVar+ EffVar 

t G TyScheme f ::= Vcj. (r, k) 

£ G TyEnv = Id -» TyScheme 

X e ff(£,K.x) = let new cj' 

Vw. (r, k') = £ (a;) 
0 — i — y Co'} 
in (id,0r, 0,kU0k') 

Tes(£, k. \x. e) = let new q,^ 

(0, t, a, k!) = Tes(£ x U {x i-» a}, k. e) 
in (0,0a 4 t,0,k' U {<r □ a}) 

X e ff (£, k, rec Ax', e) = let new a, a', <^ 

(0, r, cr, k 1 ) = I e ff(£x,x' U {a; h-> q a' , h-> a}, /t 
0' =U eS {6a',T) 
in (0'0, 0'0(a 4 a'), 0, 0'(k' U {0? □ a})) 

2eff(f, k, e e') = let new a, ^ 

(0, t, cr, k') = 2eff(£, k, e) 
{0',t',(t',k") =X eS (0£,K',e') 
0" =U eS (0'r,T' 4 a) 
in (0"0'0, 0"a, 0"(0'a U cr' U <;),0"k") 

I e g(£, k, let i = » in e) = let (0, r, 0, k') = X e ff (£, k, v) 

Co = (free(/C(K')r)) \ hee(K,(n')0£ ) 
«" = {"T 3 cr G k' I <T G w} 
k'" = K 1 \ k" 

{0', t', a, k""> = 2eff U {re k> Vw. (r, k")}, k'", 
in {0'0,t',(t,k"") 

2" e ff (£, ilet i = e in e') = let (0, t, cr, k') = I e s(£, k, e) 

{0', r', cr', k"> = 2eff U ^ r}, k', e) 

in (fl'fl.T'.CTUff'.K") 

Initial type environment 

£ (new) = Va, 7, (a ref 7 a, -{7 □ init(7)}) 
^ (get) = Va, 7, (ref 7 a a, □ read(7)}) 

£(set) = Vcv, 7, cr, c;'. (ref 7 cv a cv, {V □ write(7)}) 



Fig. 9. Type reconstruction for Effect 
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-^mon (£5 K, x) 
-^inon(^ K, Xx. g) 

^mon(^i k, rec e) 

2mon(^i /£, 6 6 ) 



2mon(^, k, let 1 = c in e') 



let new to' 

Vw. (t, k') = £(x) 

0 = {(!> H- w'} 
in (id,0r, k U 0k') 

let new a 

(0, t, k') = l mo „(£ x U {x 1 ^ q}, k, e) 
in (0,0a -» r, k') 

let new a 

(6,t,k') =Z m0 n(£x U {x i-> a},K,e) 

0'=W mon (0a,r) 
in (0'0,0't,0V) 

let new q 

(0, t, k ) = X mon (£, k, e) 

<0',T', K ")=T mon (0£ ;K ',e') 

0" =W mon (0'r,r' ->a) 
in (0"0'0,0"a, #"«'') 

let (0, r, k) = 2 mon (f , k, e) 

w = (free(/C(K')r)) \ free(/C(K')0£) 
K" = {c □ (7 6 k' j ? g w} 
k'" = k' \ k" 

(0', r', k""> = X mo „(0^ U {a; k> Vw. (r, k)}, k'", e') 
in <0'0,t',k"") 

let new <r 

(0, r, k') = I mon (£, /t, e) 
in (0,T s t,k') 

let new a, a', cr, cr', cr" 

(0, r, k') = I mon (£, /t, e) 
0' =W mo „(T,T e a) 

(0", r', k"> = X mon (f U{i4 0'a}, 0V, e') 
0"'=W mon (r',r'a') 
in (0"'0"0'0, T e " 0"'a', 0"'(k" U □ e"6\ U ?'})> 



Initial type environment 

£(new) = Va, 7, ^. (q — > T"" ref 7 a, -{5 □ init(7)}) 
£(get) = Va, 7, ^. (ref 7 a — > T s a, -{5 □ read(7)}) 
£(set) = Va,7,c'. (ref 7 a -» a -» T s ' a, {V □ write(7)}) 



2mon(<?) K ) <e>) 

2mon(£, k, let 1 e in e') 



Fig. 10. Type reconstruction for Monad 



ACM Transactions on Computational Logic, Vol. TBD. No. TBD, TBD 20TBD. 



20 • P. Wadler and P. Thiemann 



A key trick in the reconstruction algorithm is to ensure that all effects and regions 
are represented by variables, to simplify unification. A type, type scheme, type 
environment, or substitution is normalised if the only regions and effects it contains 
are variables. (This notion is also present in the work of Talpin and Jouvelot, but 
only implicitly.) 

The unification algorithms U e s(T,T') and U mon (T,T') take two normalised types 
and return a normalised substitution 9. 

Proposition 4.1. (Unification) LetU be one ofU e g orU mon . 

— (Sound) If 9 = U{t,t') then 9t = 9t' (with 0,t,t' normalised). 

— (Complete) If 0t = 6t' then there exist 9' and 9" such that 9' = U(t,t') and 
9 = 9"9' (with t,t',9' normalised). 

The proof is standard, as normalisation eliminates any potentially tricky cases. 

4.2 Constraints 

Constraints and the constraint solution algorithm are shown in Figure 8. A set of 
constraints k is a set of inequations of the form <; □ a. asserting that <; encompasses 
at least the effect a. 

A substitution [i is a solution of k, written /i |= k. if ^ □ [ia for each inequation 
<; □ a in n. Such a solution always exists. 

The constraint solution algorithm K.(k) takes a constraint set and returns a sub- 
stitution n which solves k. It assumes that effect variables on the left hand side 
of constraints in k are distinct, which can be achieved by repeatedly merging two 
constraints <; □ a and <; □ a' into one constraint <; □ a U a' . 

Proposition 4.2. (Constraint solution) 

— (Sound) K.(k) |= k. 

— (Complete) If \= k then [i = iioJC(k). 

The proof is given in Appendix A. 3. 

The algorithm is identical to the one in Talpin's thesis [TJ94; Tal93]. It computes 
a principal solution of the constraint set k, independently of the order in which the 
constraints are visited. (The algorithm is subtly different to their earlier algorithm 
Min [TJ92]. Algorithm Min yields a solution, which is minimal with respect to the 
ordering □ defined by fi □ // iff, for all <; € dom(^'), fi(s) □ //(s). Unfortunately, 
this ordering is not defined in their paper.) 

4.3 Reconstruction for Effect 

Type schemes and the reconstruction algorithm for Effect are shown in Figure 9. 
A different flavor of type schemes is introduced which fits better with the type 
inference. Following [TJ94; Tal93], such a reconstruction scheme has the form 
V(D. (t, k) where w is a sequence of type, region, or effect variables; the scheme is 
normalised if r is normalised. Such a scheme represents all types of the form 9t 
where 9 \= k and the domain of 9 is contained in Co. Reconstruction environments 
are taken to map identifiers to type schemes; the environment is normalised if all 
types in it are normalised. We write {<D h-> <D'} for a substitution, when Q and uj' 
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have the same length, and each has type, region, and effect variables in the same 
positions as the other. 

The reconstruction algorithm l e g(£, k, e) takes a normalised reconstruction envi- 
ronment £, an initial constraint set k. and an expression e, and returns a quadruple 
(6, t, a, k'), with 8 and r normalised. It fails if some unification within it fails. The 
substitution 8 is idempotent, and r, a, and k 1 are invariant under 8. The algorithm 
is essentially drawn from Talpin and Jouvelot's later work [TJ94]. 

To relate a reconstruction scheme to an equivalent type scheme, we exploit the 
algorithm for solving constraints in Figure 8. If f is a type reconstruction scheme, 
we define f = f ' where f = Va,7,?. (r, k) and f' = Va, 7, /C(k)(t). We define £ 
by pointwise extension: £ (x) = £(x) for each x € dom(£). 

To state completeness, we use the generic instance relation f y f' defined in 
Section 2. We define £ > £' by pointwise extension: it holds if £(x) y £'(x) for 
each x € dom(£). 

The reconstruction algorithm is sound and complete. 

Proposition 4.3. (Type reconstruction) 

— (Sound) IfX e ff(£, k. e) = (9. t. a. k!) and [i = K,(k') then [i9£ h e ff e : /it\ [ia , with 
£, 0, and t normalised. 

— (Complete) Let £ be a normalised reconstruction environment, let £' be a type en- 
vironment such that £ > £' , and let 8 |= k. If 6£' h e g- e : t\g then Z e ff(£. k, e) = 
(9 1 . t 1 . 0' . k!) and there exists a substitution 9" such that 8"9'£ > 8£' and r = 8"t' 
and a D 9" a' and 8" \= k! , with 8' and t' normalised. 

The proof for the first part is by induction on the structure of expressions, and for 
the second by induction on the structure of type derivations. (A similar proof is 
given by Talpin and Jouvelot [TJ94]. In their earlier work [TJ92], the proof skips 
the case of polymorphic 'let' binding, assuming such bindings have been expanded 
out.) 

Another way to obtain a reconstruction result would be to introduce arrow effects 
as proposed by Tofte and others [TT94]. In fact, type schemes with arrow effects 
are equivalent to the reconstruction type schemes introduced in the present section: 
simply replace each arrow effect <;.a by the effect variable <; and add the constraint 
? □ a. 

4.4 Reconstruction for Monad 

The reconstruction algorithm for Monad is shown in Figure 9. The unification 
algorithm, type schemes, and type environments are as before, with types for Monad 
replacing types for Effect, mutatis mutandis. Constraints carry over without change. 

The reconstruction algorithm X mon (£, k, e) takes a type environment £, an initial 
constraint set k, and an expression e, and returns a triple (8, t, k'), or fails if some 
unification within it fails. The reconstruction algorithm is easily transposed to the 
new setting. It has much the same structure as before, the largest difference being 
that effects are mentioned only in monad types, and effects in types are always 
represented by variables, so a few extra constraints are required. 

It is also easy to transpose the results regarding the algorithm. 

Proposition 4.4. (Type reconstruction) 
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— (Sound) Ifl mon (£. k, e) = (6. t. k') and ji = IC(k') then p,8£ h mon e : p,T, with £, 
9, and r normalised. 

— (Complete) Let £ be a normalised reconstruction environment, £' a type environ- 
ment such that £ y £' , and let 8 \= k. If 6£' h 

mon ^ • T then ^Z m on( < ^i ^) — 

(6',t',k') and there exists a substitution 8" such that 9"9'£ > 8£ and r = 8"t' 
and 8" |= k' , with 8' and r' normalised. 

4.5 Translation 

The two reconstruction algorithms yield results that are related by the translation. 
Write k ~ k' if for all p, we have p |= k if and only if p |= k'. The translation is 
extended to apply to reconstruction schemes by taking (V(Z>. (r, k))^ = V(Z>. (t^, k). 

Proposition 4.5. (Translation preserves type reconstruction) If l e g(£, k, e) = 
(8 1 ,t' ,a' , k!) and X mon (£^ , K.e*) = (6",t",k") then there exist <; and [i such that 
T ? 7"t = t' and 8' = fx8" and a' = ii<, and k 1 ~ /in" . 

The proof is by induction on the structure of expressions. 
5. CONCLUSIONS 

We have verified the conjecture, first broached half a decade past, that effect systems 
can be adapted to monads. We have demonstrated this for the specific case of the 
type, region, and effect system of Talpin and Jouvelot, but it seems clear that any 
effect system can be adapted to monads in a similar way. 
Here are points for future work. 

Denotational semantics. It is straightforward to provide semantics for effects 
and monads in a denotational style. In this semantics, the instrumentation can be 
factored out as a separate monad transformer. The factoring uses the well known 
result that if T X is a monad, then so is Ta X = T(X x A), where A is a monoid. 
In this case, A is taken to be the monoid of traces, with identity 0 and operator U. 

Coherent semantics. An alternative approach to denotational semantics might 
be to eliminate the instrumentation, and associate with each effect a a different 
monad T a . For state, one traditionally defines TX = S^-XxS where the store 
S is a mapping from locations to values. Here one might define T a r = S a — > X x S a 
where S a is a store restricted to contain only locations in regions p such that read(p) 
or init(p) is in a, and S a is a store restricted to contain only locations in regions 
p such that init(/3) or write(/3) is in a. Corresponding to each effect inclusion 
a C a' there should be a monad morphism T a — > T a . In order to ensure coherence 
in the style of Breazu-Tannen et al. [BCGS91], we should expect transitivity of 
inclusions to correspond to composition of the corresponding morphisms. 

A general theory of effects and monads. As hypothesised by Moggi and as born 
out by practice, most computational effects can be viewed as a monad. Does this 
provide the possibility to formulate a general theory of effects and monads, avoiding 
the need to create a new effect system for each new effect? 

Acknowledgements. Thanks to Mads Tofte, Jon Riecke, Matthias Felleisen, and 
J. -P. Talpin for comments on earlier drafts of this paper. 
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A. PROOFS 
A.l Progress 

Proposition 3.3 (Progress) 

Suppose £ r- e ff s,e : r ! a. Either e is a value or there exists s'.e 1 and f such that 
s,e — >eff s ,e . 

Proof. By induction on the derivation of £ h e ff s,e : t ! a. In each case, we 
have that £ h e ff s and £ h e ff e : t ! a. 

Case (var) c . T „T J_ t-^-. A value. 



■ e ff s and £ r- eff e : 

f y t 


r! 


(T. 


£ x U{xt-> T } heff 


a; : 


t!0 ' 


. £ r- eff e : t ! a 


(7 




' J £ heff e : r ! 


rx' 




£ x U {a; i-» t} h ef r 


e : 


r' !<r 



hypothesis. 

Case (a&s) — x „ , 1 — : — ^ — tth — • A value. 

£ r- eff Ai.e:T->r!f) 

Case (app) £heS «i : t U t' \ a £ h eff e 2 : r ! a< By induction; either s> 6l _Z 

£ h e ff ei e 2 : t' ! rj U <r' U rj" 
s'.e'j or ei is a value Wi. 

In the first case, rule (context) yields that s.e\ e 2 — > e & s',ej e 2 . 

If ei = «i, a value, then, by induction, either s.e 2 — > e « s',e' 2 or e 2 is a value. 

In the first case, rule (context) yields that s.v\ e 2 — > e « s',v\ e' 2 . 

If e-i = V2, a value, then the canonical forms lemma 3.2 applied to v\ yields that 
Vi is either Ax.e or rec x. \x' . e. In both cases, the expression is a redex using 
either (beta) or (rec). 

£ h e ff v : t ! 0 

Case (let) £ x U {x h-> gen(£,r)} h e ff e : r' ! cr . This expression is a redex. 
£ h e ff let a; = v in e : r' ! a 
£ h e ff ei : r ! o- 

Case (ilet) £ x U {a; h-> t} h e ff e2 : r' ! cr' . By induction, either ei is a 
£ h e ff ilet a; = ei in e2 : r' ! <T U ct' 

value, in which case the whole expression is a redex, or s,e\ — > e s s',e[. In the 
latter case, the whole expression reduces due to (context). 

- . £ x x < U {x h-> t A t', a;' h-> t) h e ff e : r' ! a . . 

Case (rec) — '■ — — — — . A value. 

£ h e ff rec x. \x . e : t — > r ! 0 

Case (new)-pr-, — ^~ eff e ' T ' ° — . — . — __ By induction, either e is a value, 

v ' £ h eff new e : rei p r ! a U init(p) J ' ' 

f 

in which case the whole expression is a redex, or s, e — > e ff s',e'. In the latter case, 
the whole expression reduces, too, by rule (context). 
£ \ — ff 6 • rsf t ! (J 

Case (qe£)—^-. : — : — - — : rr-^r- By induction, either e is a value, in 

£ h e ff get e : t ! cr U read(p) 

which case the canonical forms lemma 3.2 shows that e = I £ Location, I € dom(s), 

f 

and hence the whole expression is a redex, or s,e — ^ e ff s',e'. In the latter case, 
the whole expression reduces by rules (context). 

ACM Transactions on Computational Logic, Vol. TBD. No. TBD, TBD 20TBD. 



?eff 



26 • P. Wadler and P. Thiemann 



^ , £ l-gg gi = ref p rig £ h eff e 2 : r ! <r' . 

Case (sei) — - ; ; : t\ — . By induction, either ei is a 

t h e ff set ei e 2 : r ! a U er U write(pj 

value, in which case the canonical forms lemma 3.2 shows that ei = I £ Location 

and / £ dom(s), or s. ei — > e g s' . e\. In the latter case, the whole expression reduces 
by rules (context). 

If ei = I then, by induction, either e 2 is a value, in which case the whole expression 
s i 

is a redex, or s,e 2 — > eff ,e 2 . In the latter case, the whole expression reduces by 
(context). □ 

A. 2 Translation preserves semantics 

Proposition 3.10 (Translation preserves semantics) 

(1) If s, e -^-» e ff s' , e' then either s\e* -^ mon s'\e'* , or s\ e* -^-> m0 n s't, eo and 

^0 ^mon ^ 

(2) If s.e -^-» e ff s',e' then s\e* -^-» mon s' f ,e'*. 

(3) Ifs,ei\ f eff then s+,e* frLn- 

(4) If s,e is stuck then either s^,e* is stuck or e* — > mon &o where s^,eo is stuck. 

f 

Proof. Item 1 by induction on the definition of — » e ff- 
Case (beta): s, (Xx. e)v -^-> e ff s > e i x '■= v ]- 

s^((Xx.e)v)* 
= , (Xx. e)t 

= ,(Xx.e*)v^ 

^mon S^, 6 \x . — V^~\ 

= st, (e[x := v])* 

Case (rec): s, (recx. Xx' . e)v -^-> e ff s, (Xx' . e[x := recx. Xx' . e])v. 

, (reci. Xx 1 . e)* 
= , (rec x .Xx 1 . e*) 

-^ mon st, (Xx 1 . e*[x := recx. Xx' . e*]) 
= , (Xx'.e*[x := (recx. Xx' . e)*]) 

= s^, ((Aa;'. e[ai := recx. Aa;'. e])v)* 

Case (letv): s, let i = d in e —^-» e ff s> e[ai := v]. 

, (let i = » in e)* 
= s^, let a; = in e* 

^mon s^,e [a; := t^] 
= , (e[a: := u])* 
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Case (let): s, ilet x = v in e 



->-eff s,e[x : = v\. 

, (ilet x = v in e)* 
= s 1 ', let x <= v* in e* 

= let a; <= <v^> in e* 

^mon s^,e := 
= st, (e[x := w])* 

Case (neiu): s.newt) — ^ e ff s U {Z h-> d}, Z where I dom(s). 



init(z) 



(neww)* 
s^, newt)^ 

st U {I h-> wt},<Z> 



. . , , read(i) , , 

Case (get): s/ U {< h-> v j, get t — >• e ff s/ U {< h-> w). d. 

Si U {Zt->«}t, (get Z)* 
sj U {Z h-> w + },getZ 

sj U {/ h-> w t }, <^> 
s, U {I H w}t,i;* 



read(/) 



Case (set): si U {7 h-> d}, set Z i>' — ^ ' e g- s/ U {Z h-> d'}, d'. 

(s/ U{Z H> w})t,(setZ</)* 
U {Z h-> setZw't 

"^'''mon a| U {I ^ <«'t> 

(Sj U {Z H- </})1>'* 



Case (context)- 



s,n — 5-efF s ,e 



The expression, n, must be a non-value 



s,E[n] ^ eff s',£[e'] 
because otherwise the reduction would be impossible. 
Subcase E = []e. 

(ne)' 

= s^, let x <= n* in (xe)* 

— >mon by induction, and context M 
st, let x -4= e 1 * in (xe)* 

= st,(e'e)* 

= st, let x <= v 1 * in (x e)* 

= let a; <w' t > in (x e)* 

-^mon s f , (xe)*[x := 
st,(w'e)* 
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Subcase E = v []. 



If e' £ NonVal then 



If e' = v' £ Fa/ then 



Subcase i? = ilet a: 



Subcase _E = new[]. 



If e' € NonVal then 
If e' = t/ e VaZ then 



Subcase E = get []. 



st, (w n)* 

s 1 ", let a; <= n* in a;)* 

by induction, and context M 
fit, let x <= e'* in (v x)* 



,(ve'Y 



st, let x <= v'* in (v x)* 
s\ let a: <t/ t > in (w a;)* 

st, (wa:)*[a: := v'^] 

, (tit)')* 



in e. 



, (ilet a; = n in e)* 
fit, let x <= n* in e* 

by induction, and context M 

let x <= e'* in e* 
st , (ilet x = e' in e)* 



(newn)* 
s^let a; n* in (new a;)* 

by induction, and context M 
s^let x <= e'* in (new a;)* 



, (newe')* 



3+ let 



in (new a;)* 



s^iet x <^= <t)'^> in (new a;)* 

, (newa;)*[a; := 
s^, (newt)')* 



s f , (get n)* 
= st, let a; <£= n* in (get a;)* 

— >mon by induction, and context M 
s^, let x <= e'* in (get x)* 
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If e' £ NonVal then 

= s\(gete'r 

If e' = v' £ Fa/ then 

s^.let a: -4= v'* in (get a;)* 
s^let a; <= <?)'+> in (get a;)* 

st, (getx)*[a; := v'^] 
s^(getv')* 

Subcase E = set [] e. Analogous to E = [] e. 
Subcase i? = set v [ ] . Analogous to E = v [ ] . 

Item 2 by induction on the definition of — » er v. 
Item 3 is immediate from item 2. 
Item 4 requires an inductive proof, again: 
Case lv', where I € Location. 

(Iv 1 )* = ft v 1 ^ = Iv 1 ^ is stuck because / is not a lambda. 

Case get?;, where v is not a location or v ^ dom(s). 

(get?;)* = get?A There are three cases for v. 

Subcase v = I € Location and I $ dom(s). 

Then get = get I is stuck because I ^ dom(s 1 ') = dom(s). 

Subcase v = Xx. e. 

Then get (Aa;. e)* = get Xx. e* is stuck because is not a location. 

Subcase v = rec x. Xx 1 . e. 

Then 

get (rec x. Xx 1 . e)^ 
= get (rec x. Xx 1 . e*) 

— >mon get(Xx'.e*\x := rec x. Xx 1 . e*]) 

which is stuck because Xx 1 . ... is not a location. 

Case set?;?;', where v is not a location or v ^ dom(s). 
(set?;?)')* = set?; 1 '?)'*. Analogous to subcase get v. 

Case if s.e is stuck, then s,i£[e] is stuck. By definition of stuck, e must be a 
non- value. 

Subcase E = [] e'. 

(ee')* = let x <= e* in (aie')*. By induction, s^,e* is stuck so that e* has the 
form M[erj], where erj is one of the cases in the definition of stuck. Hence, for some 
monad context M', 

(ee')* 

= let x -4= M[e 0 ] in (a;e')* 
= M'[e 0 ] 

This proves the claim. 
Subcase E = v []. 

(?;e)* = let x <= e* in (?;ai)*. Stuck by analogous reasoning as in the previous 
subcase. 

Subcase E = ilet x = [] in e'. 
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(ilet x = e in e')* = let x <= e* in e'*. Stuck by analogous reasoning as in the 
previous subcase. 
Subcase E = new[]. 

(newe)* = let x e* in (new a;)*. Stuck by analogous reasoning as in the pre- 
vious subcase. 

Subcase E = get []. 

(gete)* = let x <=■ e* in (get a;)*. Analogous. 
Subcase E = set [] e' . 

(set e e')* = let x <= e* in (set a; e')*. Analogous to subcase e e'. 
Subcase £J = setu []. 

(set we)* = let x <= e* in (setvx)*. Analogous to subcase ve. □ 

A. 3 Constraint solution 

Proposition 4.2 (Constraint solution) 

— (Sound) IC(k) |= k. 

— (Complete) If /j |= k then /j = /j o JC(k). 

Proof. To show soundness, suppose that the constraint set has the form kU{c; □ 
a}. Now, 

£(k U (?) 

= {^ f UK(K)(<7)}(f) 

= ?U/C(k)(ct) 

□ ({?k> ? uAC(k)(<t)}oAC(k))(<t) 
= AC(kU{?3<t})(<t) 

Completeness is shown by induction on k. 
Case 0 is immediate. 
Case k U {<; □ cr}. 

Let /i' = /i o /C(/t U {<; □ cr}) =/jo{<;4(;U /C(k)(ct)} o /C(k). Show that, for each 
First, observe that /jo {c; h-> ^U/C(k)((t)} = /j by considering this substitution on 

M{^?UAC(«)(a)}( f )) 
= ^(?UAC(k)(<t)) 

[by the inductive hypothesis] 

= MOumW 

[since /j solution] 
= M?) 

There are three cases to consider. 
Subcase cr' ^ dom(/C(/«)) and c;' ^ <;. 

= Mfr H- ? U /C(«)( ff )}(X:(«)( f '))) = MO- 
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Subcase = 

/AO 

= ^4fUKWW}(£( K )(?))) 
[since ^ ^ dom(/C(K))] 

= /i({ ? 4 ? UK(R)( ff )}( t )) 

[by the preceding observation] 

= MO 

Subcase c;' € dom(/C(/c)). 

/AO 

= K> f uAC(«)( < 7)}(AC(«)(?'))) 

[by the preceding observation] 
= MW(O)) 
= MO 

□ 
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